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Trustworthy 100-year di g ital objects: Evidence after every witness is dead 
Henry M. Gladney 

July 2004 ACM Transactions on Information Systems (TOIS), volume 22 issue 3 
Publisher: ACM Press 

Additional Information: full citation , abstract , references , citings, index 
terms 



Full text available: ■fa pdffl .24 MB) 



In ancient times, wax seals impressed with signet rings were affixed to documents as 
evidence of their authenticity. A digital counterpart is a message authentication code fixed 
firmly to each important document. If a digital object is sealed together with its own audit 
trail, each user can examine this evidence to decide whether to trust the content— no 
matter how distant this user is in time, space, and social affiliation from the document's 
source. We propose an architecture and design that a ... 



Wh o's g ot the ke y? 
David Henry 

November 1999 Proceedings of the 27th annual ACM SIGUCCS conference on User 
services: Mile high expectations SIGUCCS '99 

Publisher: ACM Press 

Full text available: t g| pdf(30.32 KB) Additional Information: full citation , references , index terms 



Keywords: PKI, certificate authority, encryption 



Antiquity: exploiting a secure log for wide-area distributed stora ge 

Hakim Weatherspoon, Patrick Eaton, Byung-Gon Chun, John Kubiatowicz 

March 2007 ACM SIGOPS Operating Systems Review , Proceedings of the 2007 

conference on EuroSys EuroSys '07, volume 41 issue 3 
Publisher: ACM Press 

Full text available: 'gj pdf( 584 . 6 4 KB ) Additional Information: full citation, absjract, references, index terms 

Antiquity is a wide-area distributed storage system designed to provide a simple storage 
service for applications like file systems and back-up. The design assumes that all servers 
eventually fail and attempts to maintain data despite those failures. Antiquity uses a 
secure log to maintain data integrity, replicates each log on multiple servers for durability, 
and uses dynamic Byzantine fault-tolerant quorum protocols to ensure consistency among 
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replicas. We present Antiquity's design and an ... 

Keywords: archival storage systems, data durability, data integrity, distributed storage 
system, wide-area 
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information systems 

Gordon B. Davis, John T. Gorgone, J. Daniel Couger, David L. Feinstein, Herbert E. 
Longenecker 

December 1996 ACM SIGMIS Database , Guidelines for undergraduate degree 

programs on Model curriculum and guidelines for undergraduate 
degree programs in information systems IS '97, volume 28 issue l 
Publisher: ACM Press 

Full text available: fi^ pdf(7.24 MB) Additional Information: full citation , citings 



5 C omputin g cu rricula 2001 

^ September 2001 Journal on Educational Resources in Computing (JERIC) 

^ Publisher: ACM Press 

Full text available: * pdf(§12 Additional Information: full citation , references , citings, index terms 
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Authentication and si g nature schemes: Ori g in authentication in interdomain routin g 
William Aiello, John Ioannidis, Patrick McDaniel 

October 2003 Proceedings of the 10th ACM conference on Computer and 

communications security CCS '03 
Publisher: ACM Press 

r- ii * * u. est ^eooc i/m Additional Information: full citation, abstract, references, citings, index 

Full text available: TO pdf(268.26 KB) - 

^ t erms 

Attacks against Internet routing are increasing in number and severity. Contributing 
greatly to these attacks is the absence of origin authentication: there is no way to 
validate claims of address ownership or location. The lack of such services enables not 
only attacks by malicious entities, but indirectly allow seemingly inconsequential 
miconfigurations to disrupt large portions of the Internet. This paper considers the 
semantics, design, and costs of origin authentication in interdomai ... 

Keywords: BGP, address management, delegation, routing, security 



Decentralized stora ge s ystems: Farsite: federated , available , and reliable stora ge for | 
an incompletely trusted environment 

Atul Adya, William J. Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken, John R. 
Douceur, Jon Howell, Jacob R. Lorch, Marvin Theimer, Roger P. Wattenhofer 
December 2002 ACM SIGOPS Operating Systems Review, volume 36 issue si 

Publisher: ACM Press 

r- „ . . ■ i , f/ , 07ym Additional Information: full citation, abstract, refe rences , ci ted b y, index 

Full text available: TO pdf(1.87 MB) ■ 

^ terms 

Farsite is a secure, scalable file system that logically functions as a centralized file server 
but is physically distributed among a set of untrusted computers. Farsite provides file 
availability and reliability through randomized replicated storage; it ensures the secrecy of 
file contents with cryptographic techniques; it maintains the integrity of file and directory 



http://portal.acm.org/resu^ 7/6/2007 



Results (page 1): -^signature +certificate ^(integrity) +(storage repository document) 



Page 3 of 7 



data with a Byzantine-fault-tolerant protocol; it is designed to be scalable by using a 
distributed hint mechanism and delegatio ... 

Secu re Data Publishing and Certificate M a na gement: Flexi ble au thentication of XM L | 
documents 

P. Devanbu, M. Gertz, A. Kwong, C. Martel, G. Nuckolls, S. G. Stubblebine 
November 2001 Proceedings of the 8th ACM conference on Computer and 

Communications Security CCS '01 
Publisher: ACM Press 

Full text available- 151 df(21 9 1 7 KB) Add ' tional Information: full citation , abstract , references , citings, index 
' T^J : terms 

XML is increasingly becoming the format of choice for information exchange, in critical 
areas such as government, finance, healthcare and law, where integrity is of the essence. 
As this trend grows, one can expect that documents (or collections thereof) may get quite 
large, and clients may wish to query for specific segments of these documents. In critical 
applications, clients must be assured that they are getting complete and correct answers 
to their queries. Existing methods for signing XML d ... 

9 Fast d etec tion of commun ica tio n patte r n s in distributed executions I 
Thomas Kunz, Michiel F. H. Seuren 

November 1997 Proceedings of the 1997 conference of the Centre for Advanced 
Studies on Collaborative research CASCON '97 

Publisher: IBM Press 

Full text available: °g| pdf(4.21 MB) Additional Information: full citation , abstract , references , index terms 

Understanding distributed applications is a tedious and difficult task. Visualizations based 
on process-time diagrams are often used to obtain a better understanding of the 
execution of the application. The visualization tool we use is Poet, an event tracer 
developed at the University of Waterloo. However, these diagrams are often very complex 
and do not provide the user with the desired overview of the application. In our 
experience, such tools display repeated occurrences of non-trivial commun ... 

10 Control and inte grity: New techniques for ensurin g the lon g term inte grit y of di g ital 
archives 

Sangchul Song, Joseph JaJa 

May 2007 Proceedings of the 8th annual international conference on Digital 
government research: bridging disciplines & domains dg.o '07 

Publisher: Digital Government Research Center 

Full text available: 'g) pdf(6Q7.08 KB) Additional Information: full citation, abstract, references, index term s 

A large portion of the government, business, cultural, and scientific digital data being 
created today needs to be archived and preserved for future use of periods ranging from a 
few years to decades and sometimes centuries. A fundamental requirement of a long term 
archive is to ensure the integrity of its holdings. In this paper, we develop a new 
methodology to address the integrity of long term archives using rigorous cryptographic 
techniques. Our approach involves the generation of a small ... 

Keywords: data integrity, digital archives, integrity audits, linked hashing 



11 COCA: A secure distributed online certification authorit y 
Lidong Zhou, Fred B. Schneider, Robbert Van Renesse 

November 2002 ACM Transactions on Computer Systems (TOCS), volume 20 issue 4 
Publisher: ACM Press 

Full text available: pdf(448.28 KB) Additional Information: full citation, abstract, references, citings, index 
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terms 

COCA is a fault-tolerant and secure online certification authority that has been built and 
deployed both in a local area network and in the Internet. Extremely weak assumptions 
characterize environments in which COCA's protocols execute correctly: no assumption is 
made about execution speed and message delivery delays; channels are expected to 
exhibit only intermittent reliability; and with 3t + 1 COCA servers up to t may be faulty or 
compromised. COCA is the first system to integr ... 

Keywords: Byzantine quorum systems, Certification authority, denial of service, 
proactive secret-sharing, public key infrastructure, threshold cryptography 



12 Certificate-based authorization policy in a PKI environment 
4^ Mary R. Thompson, Abdelilah Essiari, Srilekha Mudumbai 

November 2003 ACM Transactions on Information and System Security (TISSEC), 

Volume 6 Issue 4 
Publisher: ACM Press 

Full text available- ffi pdf (233 63 KB) Additional ,nformation ' Meitefiffin. abstract, references, ci^gs, index 
^ terms 

The major emphasis of public key infrastructure has been to provide a cryptographically 
secure means of authenticating identities. However, procedures for authorizing the 
holders of these identities to perform specific actions still need additional research and 
development. While there are a number of proposed standards for authorization 
structures and protocols such as KeyNote, SPKI, and SAML based on X.509 or other key- 
based identities, none have been widely adopted. As part of an effort to us ... 

Keywords: Public key infrastructure, XML, digital certificates 



1 3 Bidirectional mo b ile code trust mana ge ment usin g tamper r esistant hardware 
John Zachary, Richard Brooks 

April 2003 Mobile Networks and Applications, volume 8 issue 2 
Publisher: Kluwer Academic Publishers 

Full text available: l g) pdf(1 52.99 KB ) Additional Information: fu ll ci ta tion, abstract , references, index terms 

Trust management in a networked environment consists of authentication and integrity 
checking. In a mobile computing environment, both remote hosts and mobile code are 
suspect. We present a model that addresses trust negotiation between the remote host 
and the mobile code simultaneously. Our model uses tamper resistant hardware, public 
key cryptography, and one-way hash functions. 

Keywords: authentication, hash functions, mobile code, tamper resistant hardware, trust 
management 



14 Dig ital si g natures: can they be accepted as le g al si g natures in EDI? 
Patrick W. Brown 

^ December 1993 Proceedings of the 1st ACM conference on Computer and 
communications security CCS "93 

Publisher: ACM Press 

r- H* * -i ui tss jf/onn ^ i/o\ Additional Information: full citation , abstract, references, citings, index 

Full text available: to pdf(809.34_ KB) " 3 

a " •" terms 

Digital Signature (DS) technology may be employed to produce legally enforceable 
signatures in Electronic Data Interchange (EDI) among computer users within the same 
general guidelines and requirements as those developed for handwritten signatures on 
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paper. Digital signature technology promises assurance at least equal to written 
signatures. From a legal standpoint, this assurance remains to be tested in the 
evidentiary process. Business policies for organizational use of this technology ar ... 

Keywords: EDI, cryptography, digital signatures, distributed systems, law 



15 Semantic Web foundations: Named gra phs, provenance and trust 
Jeremy J. Carroll, Christian Bizer, Pat Hayes, Patrick Stickler 

May 2005 Proceedings of the 14th international conference on World Wide Web 
WWW 05 

Publisher: ACM Press 

r- ii, -i ui zs* ^/hoa oo l/dx Additional Information: full citation , abstract, references, citings, index 

Full text available: ra pdf( 13 0.32 KB) - ~ *~ ~ " a 

^ terms 

The Semantic Web consists of many RDF graphs nameable by URIs. This paper extends 
the syntax and semantics of RDF to cover such Named Graphs. This enables RDF 
statements that describe graphs, which is beneficial in many Semantic Web application 
areas. As a case study, we explore the application area of Semantic Web publishing: 
Named Graphs allow publishers to communicate assertional intent, and to sign their 
graphs; information consumers can evaluate specific graphs using task-specific trust 
pol ... 

Keywords: RDF, provenance, semantic Web, trust 



16 Exch an ge o f patient records-proto type im p l ementat i on of a sec urity a t tributes ser vice 
in X.500 

Marjan Jurecic, Herbert Bunz 
November 1994 Proceedings of the 2nd ACM Conference on Computer and 

communications security CCS 94 
Publisher: ACM Press 

Full text available:^ pdf( 884.04 KB ) Additional Information: full citation , abstract , references , index terms 

In Europe, the use of computers in health care industry has increased rapidly in recent 
years. This increase, however, has been accomplished with research efforts in the area of 
privacy and confidentiality of personal data. In the German legislation, protection of 
personal data is guaranteed by the constitution, granting a general right to privacy. This 
constitutional right has been amended by the German Central Court 
(Bundesverfassungsgericht). It says that each individual has the right to ... 

17 A wide-area Distribution Network for free soft ware 
Arno Bakker, Maarten Van Steen, Andrew S. Tanenbaum 

August 2006 ACM Transactions on Internet Technology (TOIT), volume 6 issue 3 
Publisher: ACM Press 

Full text available: 1 ^ pdf(21 5.08 KB ) Additional Information: full citation , abstract , references , index terms 

The Globe Distribution Network (GDN) is an application for the efficient, worldwide 
distribution of freely redistributable software packages. Distribution is made efficient by 
encapsulating the software into special distributed objects which efficiently replicate 
themselves near to the downloading clients. The Globe Distribution Network takes a 
novel, optimistic approach to stop the illegal distribution of copyrighted and illicit material 
via the network. Instead of having moderators check the p ... 

Keywords: Distributed objects, copyright, file sharing, middleware, software distribution, 
traceable content, wide-area networks 
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18 OceanStore: an architecture for g lobal-scale persistent stora ge 
John Kubiatowicz, David Bindel, Yan Chen, Steven Czerwinski, Patrick Eaton, Dennis Geels, 
Ramakrishna Gummadi, Sean Rhea, Hakim Weatherspoon, Chris Wells, Ben Zhao 
November 2000 ACM SIGARCH Computer Architecture News , ACM SIGOPS Operating 

Systems Review , Proceedings of the ninth international conference 
on Architectural support for programming languages and operating 

Systems ASPLOS-IX, Volume 28 , 34 Issue 5 , 5 

Publisher: ACM Press 

Full text available- « pdf(166.53 KB) Additional ,nformatlon: MfiBaltofi. abstract, referen_ces, citings, index 
m " term s 

OceanStore is a utility infrastructure designed to span the globe and provide continuous 
access to persistent information. Since this infrastructure is comprised of untrusted 
servers, data is protected through redundancy and cryptographic techniques. To improve 
performance, data is allowed to be cached anywhere, anytime. Additionally, monitoring of 
usage patterns allows adaptation to regional outages and denial of service attacks; 
monitoring also enhances performance through pro-active movement ... 

19 OceanStore: an architecture for g lobal -s cale persistent stora ge 
John Kubiatowicz, David Bindel, Yan Chen, Steven Czerwinski, Patrick Eaton, Dennis Geels, 
Ramakrishan Gummadi, Sean Rhea, Hakim Weatherspoon, Westley Weimer, Chris Wells, Ben 
Zhao 

November 2000 ACM SIGPLAN Notices, Volume 35 issue n 
Publisher: ACM Press 

Full text available- f 51 ) pdf(147MB). Addltjonal Information: full citation , abst ract, references, citings, index 
' ' terms n 

OceanStore is a utility infrastructure designed to span the globe and provide continuous 
access to persistent information. Since this infrastructure is comprised of untrusted 
servers, data is protected through redundancy and cryptographic techniques. To improve 
performance, data is allowed to be cached anywhere, anytime. Additionally, monitoring of 
usage patterns allows adaptation to regional outages and denial of service attacks; 
monitoring also enhances performance through pro-active movement ... 

20 Authentication: Messag e authentication b y integrit y with public co rrob oration 
4^ P. C. van Oorschot 

September 2005 Proceedings of the 2005 workshop on New security paradigms NSPW 
05 

Publisher: ACM Press 

Full text available: ^ pdf(2.31 MB) Additional Information: full c ita tion, abstract , references , index terms 

One of the best-known security paradigms is to use authentication as the basis for access 
control decisions. We turn this around, and instead rely on access control (or more 
precisely, integrity) as the basis for authentication. We propose a simple, practical means 
by which data origin assurances for message authentication are based on corroboration, 
for example by cross-checking with information made available by a known source or at a 
specified location (e.g., web page). The security re ... 

Keywords: data origin authentication, digital signatures, email source authentication, 
message authentication, phishing, security by integrity, spam, undetected key 
compromise 
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